FIDO Alliance

After centuries of use, passwords are now being left behind as the majority of the technology industry is moving full steam ahead with alternate authentication solutions like voice biometric identity verification and personal identification numbers.

In order to successfully migrate away from passwords, however, it’s critical that authentication devices can seamlessly integrate and communicate with one another. A voice recognition engine, for instance, needs to be able to be able to connect directly with a website or cloud application in order to operate optimally.

The Fast Identity Online Alliance (FIDO) is a nonprofit consortium formed in 2012 that is working to establish open and scalable standards for authentication systems. As a member, VoiceVault is working in cooperation with a long list of industry heavyweights to ensure its software solutions align with the organization’s expected standards.

Here are two interesting updates from FIDO that have been in the news recently:

Windows 10 to support FIDO: Microsoft recently announced its commitment to retire passwords by supporting FIDO 2.0 specifications in its newest software version, Windows 10. Moving forward, Microsoft end users will be able to log into PCs and accompanying software using biometric technologies. The decision to abide by FIDO standards is a big step forward when considering Microsoft’s position as a major technology leader.

FIDO takes part in President Obama’s cybersecurity summit: FIDO took part in a high-profile Silicon Valley cybersecurity summit on Feb. 13, hosted by President Obama. FIDO Alliance member companies were invited to speak about the need to replace passwords with advanced standards. Check out FIDO Vice President Ramesh Kesanupalli’s recap of the event here.

You can learn more about how VoiceVault is doing its part to set the standard for mobile identity verification by clicking here.

Picture this: you turn on your phone with a variety of business tasks that you need to accomplish. You need to check your work and personal email, your bank account, your voicemail and three separate company applications. And you have some shopping to take care of. So, you reach into your pocket and pull out a list of handwritten passwords. You have at least four that you will utilize during this process.

What happens, though, if this sheet gets lost or stolen? Passwords are terribly inefficient and not at all conducive to supporting today’s mobile identity verification demands. Passwords are often used over multiple accounts and can easily be phished or cracked using keylogging techniques. Additionally, they are inefficient. In fact, a recent study proved that 44 percent of professionals believe that username and password-based authentication is no longer a viable method of ensuring mobile identity verification in a business setting.

One organization that is taking active measures to mobile identity authentication is the FIDO Alliance, a non-profit organization designed to improve interoperability over strong authentication devices and reduce user problems related to the management of multiple usernames and passwords. FIDO intends to create an open and scalable mobile system designed to supplement passwords through the use of biometric recognition solutions.

The FIDO solution uses Universal Authentication Framework (UAF) protocols constructed with public key cryptography to create a passwordless experience. A user will simply register a mobile device over the Internet using either voice or facial recognition, fingerprint or a personal identification (PIN) number. Then, a user merely enters the biometric information when accessing the device. The biometric fingerprint acts as an umbrella for multi-factor authentication and promotes quick and easy login across multiple applications.

For end users, FIDO-enabled devices promote an easier and safer navigation experience. FIDO also benefits Internet Service providers and vendors by providing improved PKI-based security and an increased amount of user engagement. And for vendors, it allows them to move past fragmented authentication solutions through a standardized approach to identity verification.